The target: SendGrid, a Colorado-based email marketing company.
The take: 400,000 unique login credentials of: email address, password, IP address, and physical location.
The attack vector: The attacker used a combination of previously hacked accounts on the SendGrid platform to send fake Zoom invites. As SendGrid was known as a trusted SMTP provider, the fake messages had a much higher chance of reaching their targets, passing through some email protection.
This incident highlights the importance of critical thinking as a component of social awareness training for staff. In the event that a trusted account is compromised, analysis of the context of these requests becomes the critical – is a meeting invite expected, does the timeline and subject matter line up with expectations? While messages originating from fraudulent e-mail addresses are easier to spot, they are not the only vector for phishing attacks – each item in the inbox must be approached with the same level of caution.